The present invention pertains to a process for protecting a telecommunication terminal. It also refers to any equipment incorporating a communications terminal protected by implementing this process.
The term “telecommunication terminal” implies any portable cellular phone or PDA that has a personal component-hardware or software, which includes data that enables a user to access a service. In the case of GSM, it pertains to an integrated circuit card or chip card, usually known as SIM (Subscriber Identity Module) or (U) SIM, issued when a subscriber buys a mobile phone.
The mobile device of a subscriber is equipped with a functional unit called “chip card reader” which enables communication with the SIM card. This reader includes a user interface to enable exchanges between the user and the card through the device.
Besides, the functional unit of the device includes a processing unit connected to the media which stores information for its functioning: programs and data. The device also has media for communicating with the telecommunication network(s).
We are now facing many problems due to the increase in the market size of mobile telephony.
viz.
1) Devices made with old technology contain memory that can be freely accessed by read and write functions. Hence the user's sensitive data and the operator's knowhow are easily accessible in case of a theft.
2) Devices made with old technology can be made compatible with other operator networks by changing its personal component, hardware/software.
3) A cellular phone service provider often provides a device at a low price to a new subscriber. In return the service provider wants the subscriber to have restricted access to certain services during a given period.
Today, there exists a solution in the GSM field to solve these last two problems. This solution is called the lock mechanism or alternatively SIM Lock and was defined by the ETSI (European Telecommunications Standards Institute). It enables to curb the problems related to the theft of a mobile phone. The principle is to lock the phone for certain specific access in order to prevent a thief from using it without restraint in case of theft and to prevent the user from using it on networks of competitors.
The mechanism “SIMLock” has three different functions:                it locks a device to the network of a specific service provider;        it locks a device for specific services of a given service provider;        it locks a device onto a given SIM card.        
The “SIMLock” of a device is performed by an indicator or “flag” within the device indicating that the device is in a locked state. When a locked phone is switched on, this indicator retrieves the IMSI (International Mobile Subscriber Identity) number of the card (card identification number) and verifies that it corresponds to the lock conditions.
A phone can be unlocked only by using a secret code which is calculated by a undisclosed algorithm possessed by the carrier, depending upon the IMEI (International Mobile Equipment Identity) code, which is the unique serial number of a phone stored in the RAM.
Devices with old state of the art technology present the following problems:                Confidential data is not protected and can be accessed by anyone;        The existing “SIMLock” is not effective for the following reasons:        As the secret unlocking algorithm is widely known to numerous sales outlets, it is very difficult to avoid leaks and thus it could become common knowledge. As the IMEI code of the phone is not located in the protected memory of the phone, it is also accessible: a thief can thus quite easily calculate the unlocking code of the phone;        The phone memory is not protected and a defrauder may succeed in directly modifying the lock “flag” without figuring-out the unlock code. He can also replace the IMEI number by another IMEI number whose associated unlock code he may know.        
The problem that we are trying to solve is the problem regarding the protection of devices from fraudulent use, especially in case of theft.
The first subproblem concerns the protection of data.
The second subproblem consists in increasing the security provided by the locking mechanism of earlier technology, in order to limit fraudulent use.